Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/KzcTGDufrRY_CgyX4Jmvxq_jVgg.roa
File: KzcTGDufrRY_CgyX4Jmvxq_jVgg.roa (raw, json)
Hash identifier: d/gGX08ZGIL+E1eze1sGybiI+5RdWRciuQJBKetEjpY=
Subject key identifier: 2B:37:13:18:3B:9F:AD:16:3F:0A:0C:97:E0:99:AF:C6:AF:E3:56:08
Certificate issuer: /CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Certificate serial: 01906CC96E38EE420AF51D70FA64467E4578
Authority key identifier: 6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/KzcTGDufrRY_CgyX4Jmvxq_jVgg.roa
Signing time: Mon 01 Jul 2024 05:34:18 +0000
ROA not before: Mon 01 Jul 2024 05:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215913
IP address blocks: 2a13:d040:2::/48 maxlen: 48
2a13:d040:3::/48 maxlen: 48
2a13:d040:4::/48 maxlen: 48
2a13:d046:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6c:c9:6e:38:ee:42:0a:f5:1d:70:fa:64:46:7e:45:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6aa8fa75c5020cd6218cf7f109de420265204bac
Validity
Not Before: Jul 1 05:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b3713183b9fad163f0a0c97e099afc6afe35608
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:84:f9:18:bf:34:cd:81:03:ed:50:dc:6e:13:
75:3e:30:e6:0c:00:f3:19:1b:07:d9:01:d6:a6:f7:
b3:2c:f9:bf:7c:82:f1:de:33:f1:c4:14:b4:37:02:
95:dd:16:23:ec:16:5f:06:8c:36:ca:a4:7f:4e:b7:
ed:90:e3:19:34:af:0f:2d:23:1e:a7:42:e0:04:84:
45:b8:93:18:48:50:67:d3:75:ea:af:89:91:bf:17:
cc:d3:d8:3f:36:46:23:c5:2b:33:76:d8:02:32:18:
f8:0b:6c:f6:74:dd:b4:00:71:f0:60:89:b6:ee:1a:
bf:a2:cc:1d:8b:de:9d:90:f9:02:d4:62:f5:c0:23:
92:f1:65:1a:c7:30:e1:9e:b0:e2:e6:30:c2:e0:f2:
1d:db:3a:85:63:50:6d:af:e3:fa:de:51:71:80:9d:
91:f8:b2:eb:66:d7:4e:c9:49:38:87:86:ec:03:80:
2a:4b:85:01:e0:e9:43:e6:48:f0:51:61:c7:59:c7:
20:13:06:27:ba:55:77:5f:e2:37:a2:fa:c3:ce:26:
4e:03:f7:42:d8:82:b7:65:f7:68:3a:1a:20:f0:5a:
e8:84:3b:2d:b7:7a:3f:f9:cf:a6:d5:cc:09:f2:3e:
52:48:e0:38:00:1f:3a:84:d3:16:4d:23:ba:5b:70:
1c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:37:13:18:3B:9F:AD:16:3F:0A:0C:97:E0:99:AF:C6:AF:E3:56:08
X509v3 Authority Key Identifier:
keyid:6A:A8:FA:75:C5:02:0C:D6:21:8C:F7:F1:09:DE:42:02:65:20:4B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aqj6dcUCDNYhjPfxCd5CAmUgS6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/KzcTGDufrRY_CgyX4Jmvxq_jVgg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/7012d8-afa1-419b-8b60-35c63fa765a2/1/aqj6dcUCDNYhjPfxCd5CAmUgS6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:d040:2::-2a13:d040:4:ffff:ffff:ffff:ffff:ffff
2a13:d046:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
a6:e0:64:12:ec:7c:aa:ec:8a:51:33:c0:32:48:2d:54:71:43:
9f:79:de:af:ba:4d:ee:68:9f:f1:9b:07:fe:c5:3a:f8:14:db:
80:c4:e0:6d:90:d0:d9:98:18:0f:1c:d5:a5:5e:d1:77:bc:87:
b9:2b:d7:cf:70:ad:30:02:6f:dc:b1:aa:1b:c0:fe:ff:36:af:
33:55:24:04:3b:1a:13:e8:c4:d5:06:aa:d5:d2:2c:4a:9a:19:
01:cc:f0:b8:92:57:c8:01:f4:83:f2:a4:b1:81:b4:d5:66:d5:
d6:9a:a8:77:b1:70:c8:69:3e:22:89:ec:e7:44:3c:3b:db:63:
ff:2e:21:71:c1:65:a5:8b:0d:00:15:41:be:67:8d:84:e3:56:
56:ea:d0:94:a6:8b:03:5a:5a:26:a5:13:0d:17:23:3d:8e:a0:
45:43:c8:34:8e:93:da:46:29:0b:f4:42:d7:b5:2a:57:32:81:
a5:8c:19:47:b4:27:d2:3d:a3:8b:c6:ee:c7:98:b9:29:03:69:
08:01:87:37:bb:ee:df:5f:58:10:fc:19:3b:29:c7:c4:8c:3b:
7a:e6:af:33:92:0d:a4:c0:d5:56:52:b6:68:3c:01:e5:81:0f:
15:ef:85:e4:25:c1:09:65:3b:1e:3d:40:0d:39:95:4c:a2:1f:
dc:60:da:fa
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZBsyW447kIK9R1w+mRGfkV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhYThmYTc1YzUwMjBjZDYyMThjZjdmMTA5ZGU0MjAyNjUy
MDRiYWMwHhcNMjQwNzAxMDUzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjM3MTMxODNiOWZhZDE2M2YwYTBjOTdlMDk5YWZjNmFmZTM1NjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIT5GL80zYED7VDcbhN1PjDmDADz
GRsH2QHWpvezLPm/fILx3jPxxBS0NwKV3RYj7BZfBow2yqR/TrftkOMZNK8PLSMe
p0LgBIRFuJMYSFBn03Xqr4mRvxfM09g/NkYjxSszdtgCMhj4C2z2dN20AHHwYIm2
7hq/oswdi96dkPkC1GL1wCOS8WUaxzDhnrDi5jDC4PId2zqFY1Btr+P63lFxgJ2R
+LLrZtdOyUk4h4bsA4AqS4UB4OlD5kjwUWHHWccgEwYnulV3X+I3ovrDziZOA/dC
2IK3ZfdoOhog8FrohDstt3o/+c+m1cwJ8j5SSOA4AB86hNMWTSO6W3AcVQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFCs3Exg7n60WPwoMl+CZr8av41YIMB8GA1UdIwQY
MBaAFGqo+nXFAgzWIYz38QneQgJlIEusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAt
MzVjNjNmYTc2NWEyLzEvS3pjVEdEdWZyUllfQ2d5WDRKbXZ4cV9qVmdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy83MDEyZDgtYWZhMS00MTliLThiNjAtMzVjNjNmYTc2NWEy
LzEvYXFqNmRjVUNETlloalBmeENkNUNBbVVnUzZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAAjAdMBIDBwEqE9BA
AAIDBwAqE9BAAAQDBwAqE9BG//8wDQYJKoZIhvcNAQELBQADggEBAKbgZBLsfKrs
ilEzwDJILVRxQ5953q+6Te5on/GbB/7FOvgU24DE4G2Q0NmYGA8c1aVe0Xe8h7kr
189wrTACb9yxqhvA/v82rzNVJAQ7GhPoxNUGqtXSLEqaGQHM8LiSV8gB9IPypLGB
tNVm1daaqHexcMhpPiKJ7OdEPDvbY/8uIXHBZaWLDQAVQb5njYTjVlbq0JSmiwNa
WialEw0XIz2OoEVDyDSOk9pGKQv0Qte1KlcygaWMGUe0J9I9o4vG7seYuSkDaQgB
hze77t9fWBD8GTspx8SMO3rmrzOSDaTA1VZStmg8AeWBDxXvheQlwQllOx49QA05
lUyiH9xg2vo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:40 2024 by rpki-client on console-fra.rpki-client.org